Cyber Security Consultant

Cyber Security Consultant

4C Strategies is one of the leading independent IT consultancies in the UK public sector. As part of our exciting growth plans, we are looking to expand our emerging cyber team with the recruitment of a Senior Cyber Security Consultant.

As part of our continued growth, we are seeking a Senior Cyber Security Consultant who has already achieved, or is on a clear path to achieving, UK Cyber Security Council Chartered status.

This is a senior role for an experienced consultant who can lead engagements, provide authoritative advice, and help shape our cyber security services. You will work primarily in Audit & Assurance and Risk & Compliance, with the opportunity to contribute to Incident Response where needed. There will also be opportunities to define and lead other areas of cyber security.

• Lead and deliver client engagements across governance, risk and compliance (GRC), including audits, assessments and improvement plans aligned to frameworks such as ISO/IEC 27001, NCSC CAF, and PCI DSS.
• Lead independent assurance, review and test security policies, procedures and controls; identify gaps; and recommend pragmatic remediation strategies.
• Develop and present security strategies that enhance resilience and reduce risk, tailored to client environments.
• Engage stakeholders, facilitate workshops, brief senior leaders, and build trusted relationships across client and supplier teams.
• Produce high-quality deliverables, audit reports, risk assessments, control mappings, and remediation roadmaps.
• Stay ahead of the curve, monitor emerging threats, regulations and standards, and translate these into actionable guidance.
• Support incident response activities where required, providing expertise during investigations and post-incident reviews.
• Mentor and develop colleagues, sharing knowledge and contributing to the growth of our cyber practice.

• UK Cyber Security Council Chartered status (or demonstrable readiness to achieve this in the near term).
• Significant experience in cyber security consulting or assurance, ideally within the public sector.
• Deep knowledge of GRC frameworks and standards (e.g. CAF, ISO/IEC 27001, PCI DSS).
• Strong client-facing skills, able to communicate complex issues clearly to technical and non-technical audiences.
• Proven track record of delivering high-quality outputs on time and influencing decision-making.
• Excellent written and verbal communication, including the ability to produce polished consultancy reports.
• Desirable certifications: ISO 27001 Lead Auditor/Implementer, CISSP, CISM, CRISC, CCP (GRC), or equivalent.
• Driving license and willingness to travel to client sites across the UK as required.

• Work with a growing cyber team in a respected consultancy with strong public sector credentials.
• Hybrid working, home-based with weekly (Thursday) office collaboration (in Market Harborough) and client site visits as needed.
• Professional development, support for CPD, including maintaining Chartered status and relevant certifications.
• Varied engagements, opportunities to work across multiple domains, including incident response.

• Between £50,000 - £70,000, subject to experience
• 3% Pension contributions
• 25 days holiday + Bank holidays
• Option to purchase an additional 5 days holiday
• Home based with an expectation of 1 day in the office per week and work on UK client sites as required
• Private Healthcare
• Employee Assistance Programme
• Commitment to on-going training

4C Strategies is an equal opportunities employer. We celebrate diversity and are committed to creating an inclusive environment for all colleagues